But on login, the system threw another exception. And we don't want to always validate certificates anyway. Interestingly enough, when the sysadmin changed over to a self-signed certificate, we weren't even able to reach the login page. We're using a wildcard certificate, but I'm wondering if that's the problem.

Our sysadmin thinks we may just need to buy a properly signed certificate, but I'm wondering if there's a configuration problem on my end.

Looking at Security Cert. Issuers...
System.Security.Cryptography.X509Certificates.X509Chain
CN=xxxxx.xxxx.org
Checking elements in X509 Chain:
UntrustedRoot
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.